Threatpost
JULY 5, 2021
Matt Bromiley, senior consultant with Mandiant Managed Defense, discusses the top tricks and tips for protecting enterprise environments from ransomware. InfoSec Insider Malware
WIRED Threat Level
JULY 6, 2021
Everyone hates the old ways of authentication. But while change is closer than ever, it comes with its own drawbacks.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
JULY 4, 2021
REvil Malware Suspected of Infecting Scores of IT Management Companies, Clients U.S. President Joe Biden has ordered federal intelligence agencies to investigate the incident involving IT management software vendor Kaseya. Attackers reportedly compromised Kaseya's remote monitoring system, VSA, potentially impacting scores of managed service providers and their clients.
Krebs on Security
JULY 7, 2021
Microsoft on Tuesday issued an emergency software update to quash a security bug that’s been dubbed “ PrintNightmare ,” a critical vulnerability in all supported versions of Windows that is actively being exploited. The fix comes a week ahead of Microsoft’s normal monthly Patch Tuesday release, and follows the publishing of exploit code showing would-be attackers how to leverage the flaw to break into Windows computers.
Advertisement
Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enahance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.
AIIM
JULY 8, 2021
The unprecedented COVID-19 pandemic has, almost overnight, forced many organizations to modify their business practices and transition to a remote workforce. Of course, the first focus during this transition is deploying the connectivity and infrastructure necessary to support your remote workers. Don’t, however, lose sight of the fact that information scattered across a dispersed workforce can significantly raise the risk of a data breach or other security concerns.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
JULY 5, 2021
Yet Another Ransomware Attack Targets Managed Service Providers to Maximize Profits The REvil ransomware operation behind the massive attack centering on Kaseya, which develops software used by managed service providers, has offered to decrypt all victims - MSPs as well as their customers - for $70 million in bitcoins. Experts note this isn't the first time REvil has hit MSPs, or even Kaseya.
Krebs on Security
JULY 8, 2021
Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya , a Miami-based company whose products help system administrators manage large networks remotely. Now it appears Kaseya’s customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago.
AIIM
JULY 6, 2021
The COVID-19 pandemic crisis has changed most everything. Technology, social, and cultural disruptions have forced organizations to shift rapidly, expanding remote work capabilities. As we approach the post-pandemic era, a new normal has emerged in workstyles. Businesses now look to foster and enable a hybrid workplace. With this massive transition underway, many organizations struggle to maximize productivity and resilience while building a seamless and secure digital workplace.
Data Protection Report
JULY 5, 2021
The European Commission (EC) signalled plans for a new Data Act, to be published in late 2021, in its February 2020 Data Strategy Communication. The EC revealed more details in its 2021 Consultation and Inception Impact Assessment. The responses to the Consultation and Inception Impact Assessment are bound to shape the future of EU’s digital economy.
Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage
Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.
Data Breach Today
JULY 6, 2021
Software Vendor Quiet on Whether It Might Pay for REvil's Full Decryption Tool Software vendor Kaseya suspects that 800-1,500 organizations - mostly small businesses - were compromised via a ransomware attack that exploited its VSA remote management software. The company won't say if it is negotiating with the attackers for a universal decryption tool that would unlock all victims' files.
Security Affairs
JULY 9, 2021
Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance giant CNA is notifying customers of a data breach after the ransomware attack that it suffered in March. The insurance firm paid a $40 ransom to restore access to its files following the ransomware attack. According to Bloomberg, CNA Financial opted to pay the ransom two weeks after the security breach because it was not able to restore its operations.
Dark Reading
JULY 9, 2021
The ElectroRAT Trojan attacker's success highlights the increasingly sophisticated nature of threats to cryptocurrency exchanges, wallets, brokerages, investing, and other services.
Hunton Privacy
JULY 6, 2021
On June 30, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its comments on the Irish Data Protection Commissioner’s (“DPC”) consultation on its Draft Regulatory Strategy for 2021-2026, in which the DPC sets out its vision for the next five years. CIPL’s contribution calls for: Further elaboration on how the DPC considers effective regulation and behavioral economics in its strategic thinking; More explicit acknowledgment of the GDPR’s risk-based a
Advertisement
Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.
Data Breach Today
JULY 6, 2021
Class Actions Filed Against Each Company After Hacking Incidents U.S.-based pharmacy and supermarket chain Kroger and U.K.-based British Airways have each agreed to settle class action lawsuits filed in the wake of two massive data breaches.
Security Affairs
JULY 7, 2021
Wiregrass Electric Cooperative, a rural Alabama electric cooperative was hit by a ransomware attack. Wiregrass Electric Cooperative, a rural Alabama electric cooperative that serves about 25,000 members, was hit by a ransomware attack. The cyberattack temporarily blocked the customers’ access to their account information, the cooperative is working to restore the impacted system.
The Guardian Data Protection
JULY 5, 2021
Tory MP Tom Tugendhat raises concerns about deal in light of global computer chip shortage The UK’s largest producer of semiconductors has been acquired by the Chinese-owned manufacturer Nexperia, prompting a senior Tory MP to call for the government to review the sale to a foreign owner during an increasingly severe global shortage of computer chips.
Threatpost
JULY 9, 2021
Word and Excel documents are enlisted to disable Office macro warnings, so the Zloader banking malware can be downloaded onto systems without security tools flagging it.
Advertisement
Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.
Data Breach Today
JULY 9, 2021
Ransomware-as-a-Service Operations Tap Expert Intrusion Specialists and Negotiators As ransomware attacks become more prolific, their success is being driven by the increasing use of specialists who can refine every stage of an attack. It's a reminder that the goal of cybercrime remains to maximize illicit profits as easily and quickly as possible.
Security Affairs
JULY 6, 2021
Kaseya confirmed that the REvil supply-chain ransomware attack hit fewer than 60 of its customers and their customers. Software provider Kaseya announced that fewer than 60 of its customers and less than 1,500 businesses have been impacted by the recent supply-chain ransomware attack. Up to 1,500 downstream organizations, which were customers of MSPs using Kaseya VSA management platform, were impacted by the attack. “While impacting approximately 50 of Kaseya’s customers, this attack was n
IT Governance
JULY 5, 2021
Access control policies are an unquestionably important part of ISO 27001. The requirements for producing one are outlined in section A.9 of Annex A, which contains 14 controls. In this blog, we explain what Annex A.9 covers and what your access control should include. What is Annex A.9 of ISO 27001? Annex A.9 of ISO 27001 helps you govern who has access to your organisation’s sensitive information and under what scenarios.
Threatpost
JULY 7, 2021
The fix doesn’t cover the entire problem nor all affected systems however, so the company also is offering workarounds and plans to release further remedies at a later date.
Advertisement
Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.
Data Breach Today
JULY 8, 2021
White House Tells Moscow: Take Action, or We 'Reserve the Right' to Do So The Biden administration has a message for Russia: Rein in the criminal hackers operating from inside your borders who hit Western targets, or we'll do it for you. But experts say disrupting ransomware will take more than diplomacy or even using offensive cyber operations to target criminal infrastructure.
Security Affairs
JULY 4, 2021
Kaseya was addressing the zero-day vulnerability that REvil ransomware gang exploited to breach on-premise Kaseya VSA servers. A new supply chain attack made the headlines, on Friday the REvil ransomware gang hit the Kaseya cloud-based MSP platform impacting MSPs and their customers. The REvil ransomware operators initially compromised the Kaseya VSA’s infrastructure, then pushed out malicious updates for VSA on-premise servers to deploy ransomware on enterprise networks.
Schneier on Security
JULY 9, 2021
It’s called “ Squid Fishering.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Threatpost
JULY 6, 2021
REvil ransomware gang lowers price for universal decryptor after massive worldwide ransomware push against Kaseya security vulnerability CVE-2021-30116.
Advertisement
“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.
Data Breach Today
JULY 9, 2021
Phishing Emails Contain Malicious Link, Attachment Spammers posing as software vendor Kaseya are waging a malspam campaign to target users of the company's VSA remote IT management software that was hit by a ransomware attack, the security firm Malwarebytes reports.
Security Affairs
JULY 4, 2021
Threat actors compromised the servers of Mongolian certificate authority (CA) MonPass and used its website to spread malware. Hackers compromised the servers of the Mongolian certificate authority (CA) MonPass and used its website to spread malware, reported Avast researchers. According to the experts, the security breach took place at least six months ago, MonPass was breached potentially eight separate times and Avast researchers found eight different webshells and backdoors on a CA’s co
Information Governance Perspectives
JULY 6, 2021
ector of Privacy Compliance for CAPP, a privacy consultancy, and the co-author of Tomorrow’s Jobs Today: Wisdom And Career Advice From Thought Leaders In Ai, Big Data, Blockchain, The Internet Of Things, Privacy, And More. They discussed the impact of technology on a variety of careers and how individuals can prepare for that change. The post Reinventing Professional Services: Tomorrow’s Jobs Today appeared first on Rafael Moscatel.
Expert insights. Personalized for you.
136 
Let's personalize your content